Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/zhDNlvbN1uuWdW9KirGYsqCBLAs.roa
File: zhDNlvbN1uuWdW9KirGYsqCBLAs.roa (raw, json)
Hash identifier: xgjXyjkE8t40RD7iV/Xi7s9Mgmikxd/GcYQOHocI0Jk=
Subject key identifier: CE:10:CD:96:F6:CD:D6:EB:96:75:6F:4A:8A:B1:98:B2:A0:81:2C:0B
Certificate issuer: /CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Certificate serial: 018A60CEDDB4C75C10501F3AA5A2BE4CFC96
Authority key identifier: 09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/zhDNlvbN1uuWdW9KirGYsqCBLAs.roa
Signing time: Mon 04 Sep 2023 15:28:04 +0000
ROA not before: Mon 04 Sep 2023 15:28:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39810
IP address blocks: 89.187.0.0/23 maxlen: 24
89.187.2.0/24 maxlen: 24
89.187.3.0/24 maxlen: 24
2a10:e400::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:60:ce:dd:b4:c7:5c:10:50:1f:3a:a5:a2:be:4c:fc:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Validity
Not Before: Sep 4 15:28:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce10cd96f6cdd6eb96756f4a8ab198b2a0812c0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ed:51:a6:db:be:c2:12:65:b9:7d:6c:64:7d:
ed:19:46:c6:78:82:f9:c0:80:51:4a:e5:8d:48:03:
a3:ac:d9:d5:0c:73:56:b1:d2:be:1a:9f:21:6a:e9:
ff:a9:51:a4:3d:09:32:77:56:d0:0a:de:94:06:35:
a7:cb:c7:a2:89:4f:b5:73:86:a4:65:59:2d:d3:f6:
11:36:aa:23:e4:a1:81:76:2e:f3:21:9f:7f:1e:76:
87:a5:6c:66:fa:0a:fd:82:50:d6:89:2a:87:7d:cc:
b2:e9:9b:cd:9a:99:0f:76:32:5e:39:f9:58:3c:e5:
0f:54:7a:77:2b:b5:34:98:30:55:22:c0:8a:cc:ea:
e1:85:d1:70:98:ca:72:1e:5b:be:62:76:38:b4:0e:
52:6b:69:35:d0:e0:27:05:f3:23:ab:ae:27:e1:b9:
dc:07:e7:61:20:52:29:22:ab:b0:91:a3:0d:9c:08:
f2:cb:f9:76:13:67:8e:25:94:e2:e2:72:80:47:e4:
5d:4d:d8:27:4e:84:e4:55:47:04:20:03:16:4d:29:
ad:38:58:e4:05:3c:3c:50:f3:e9:78:08:e1:f0:3c:
39:4c:27:75:d7:a1:de:11:5b:c6:26:47:c6:47:bb:
e9:8c:d3:47:be:70:ab:a5:4e:fb:f4:a4:10:44:fd:
3f:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:10:CD:96:F6:CD:D6:EB:96:75:6F:4A:8A:B1:98:B2:A0:81:2C:0B
X509v3 Authority Key Identifier:
keyid:09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/zhDNlvbN1uuWdW9KirGYsqCBLAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.187.0.0/22
IPv6:
2a10:e400::/29
Signature Algorithm: sha256WithRSAEncryption
43:4b:bd:de:73:4b:ff:f8:b9:f4:11:05:2c:92:33:ab:89:9c:
d6:f3:f7:df:3b:d3:04:44:20:76:9f:e5:69:b0:b0:6a:85:db:
f6:82:ed:94:28:9a:d6:74:a6:24:00:d7:62:d5:aa:32:87:ed:
54:b6:48:8e:9e:fb:8e:25:36:64:13:44:c6:7c:40:ef:83:ac:
3e:40:49:d9:3c:6c:2e:e2:e5:88:5c:17:3b:f8:67:16:9d:a0:
a0:ab:86:0e:22:94:d3:6b:15:e0:7e:e7:a1:d3:29:a6:d6:ae:
02:b8:f4:22:4e:d9:ec:04:b6:a6:67:8d:20:21:0e:f5:a6:c6:
6b:da:5a:45:1b:98:2e:7a:a4:82:13:61:ca:99:8e:e3:60:12:
b4:70:a7:70:3e:48:7f:ba:5f:07:83:f1:e1:42:84:d1:68:3f:
69:74:a4:2e:e8:a8:7f:f0:4a:1d:96:49:3b:eb:50:a7:1b:91:
9f:08:bb:c3:87:16:21:81:19:8e:55:b2:f2:ef:12:8e:7e:ed:
6b:61:69:0b:97:88:43:ef:f2:66:80:6b:0c:71:3e:08:6c:3b:
97:bc:a9:4c:eb:b3:93:d9:62:a8:9a:d3:f5:f3:60:de:45:4f:
3d:48:0b:0b:f3:03:9a:50:49:4f:d7:1c:c6:27:52:b5:a6:ae:
df:f3:28:06
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYpgzt20x1wQUB86paK+TPyWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MWVjN2NjZjBmYTc2MWVkOTliYzVhN2E5ZWMwZDBlZWIw
YmYwNTUwHhcNMjMwOTA0MTUyODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTEwY2Q5NmY2Y2RkNmViOTY3NTZmNGE4YWIxOThiMmEwODEyYzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApu1Rptu+whJluX1sZH3tGUbGeIL5
wIBRSuWNSAOjrNnVDHNWsdK+Gp8haun/qVGkPQkyd1bQCt6UBjWny8eiiU+1c4ak
ZVkt0/YRNqoj5KGBdi7zIZ9/HnaHpWxm+gr9glDWiSqHfcyy6ZvNmpkPdjJeOflY
POUPVHp3K7U0mDBVIsCKzOrhhdFwmMpyHlu+YnY4tA5Sa2k10OAnBfMjq64n4bnc
B+dhIFIpIquwkaMNnAjyy/l2E2eOJZTi4nKAR+RdTdgnToTkVUcEIAMWTSmtOFjk
BTw8UPPpeAjh8Dw5TCd116HeEVvGJkfGR7vpjNNHvnCrpU779KQQRP0/pQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFM4QzZb2zdbrlnVvSoqxmLKggSwLMB8GA1UdIwQY
MBaAFAkex8zw+nYe2ZvFp6nsDQ7rC/BVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQt
NDVjZmM4NTdkZGRkLzEvemhETmx2Yk4xdXVXZFc5S2lyR1lzcUNCTEFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQtNDVjZmM4NTdkZGRk
LzEvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCWbsAMA0E
AgACMAcDBQMqEOQAMA0GCSqGSIb3DQEBCwUAA4IBAQBDS73ec0v/+Ln0EQUskjOr
iZzW8/ffO9MERCB2n+VpsLBqhdv2gu2UKJrWdKYkANdi1aoyh+1UtkiOnvuOJTZk
E0TGfEDvg6w+QEnZPGwu4uWIXBc7+GcWnaCgq4YOIpTTaxXgfueh0ymm1q4CuPQi
TtnsBLamZ40gIQ71psZr2lpFG5gueqSCE2HKmY7jYBK0cKdwPkh/ul8Hg/HhQoTR
aD9pdKQu6Kh/8Eodlkk761CnG5GfCLvDhxYhgRmOVbLy7xKOfu1rYWkLl4hD7/Jm
gGsMcT4IbDuXvKlM67OT2WKomtP182DeRU89SAsL8wOaUElP1xzGJ1K1pq7f8ygG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:49 2024 by rpki-client on console-fra.rpki-client.org